ouraclaw

Fail

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: HIGH (EXTERNAL_DOWNLOADS, COMMAND_EXECUTION)
Full Analysis
  • Unverifiable Dependencies & Remote Code Execution (HIGH): The skill clones a repository from an untrusted GitHub account (https://github.com/montagao/ouraclaw.git) and executes bun install. This allows for the installation and execution of unverified third-party code during the skill's setup process.
  • Command Execution (MEDIUM): The skill relies on multiple shell commands (git, bun, ouraclaw, jq) to function. This provides a mechanism for potentially malicious code in the unverified repository to interact with the host system.
  • Indirect Prompt Injection (LOW): The skill ingests external health data via the Oura Ring API. Evidence Chain:
      • Ingestion points: Data returned by ouraclaw score and ouraclaw sleep commands.
      • Boundary markers: None present to delimit API output from agent instructions.
      • Capability inventory: Shell execution (bun, git, jq) and file system access (project directory and .env).
      • Sanitization: No sanitization or validation of the API response is performed before processing.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Feb 17, 2026, 06:50 PM